Dark Reading: Deconstructing The Impact Of Ransomware On Healthcare’s IoT

Dark Reading recently published an article by Bromium’s Vadim Kotov, a senior security researcher on our Labs team. In the article, Vadim examines whether medical devices are really at risk of being targeted by ransomware.

Key points from Vadim’s article include:

Laptops, tablets, phones, and other devices have screens, but pacemakers don’t, meaning a ransomware attack will require multiple stages. A “smart” pacemaker will probably be controlled by a computer or phone, so the attacker will need to go through these steps: first, hit a device with a display screen; second, perform additional reconnaissance and determine whether it has any IoT devices connected to it; third, lock the IoT devices found; and then finally, pop a ransom note to the user of that computer or phone.

….

It’s unclear if ransomware attacks on medical devices are viable. While it’s likely some criminals will eventually try to infect IoT devices with ransomware, it’s debatable whether it will reach the scale of current PC ransomware. Microsoft found ransomware is not as prevalent as other types of malware, which contradicts the ICIT report.

Ransomware hasn’t conquered the PC world, but it’s bringing enormous profits to authors. Does this mean the underground economy is in balance and we should not expect it to shift significantly to hit IoT, particularly pacemakers, anytime soon?

….

With ransomware hitting increasingly important targets, I can’t help but wonder if IoT devices will be next. I don’t think that’s going to come anytime soon. Though researchers have shown that a host of connected medical devices can be hacked, it’s another thing to hold data for ransom. Either way, it’s time to pay closer attention to the security of all connected devices.